- The CVE-2019-3568 bug was marked the most dangerous as it allowed hackers to execute malicious codes on smartphones
- n 2019, it was reported that one of WhatsApp’s vulnerability allowed hackers to install Spywares on devices
- Whatsapp alleged that the Israeli company was behind the cyber-attacks that infected smartphones in May
The popular messaging app WhatsApp, that claims to provide high-level security to its users, has disclosed 12 vulnerabilities in 2019. Out of twelve, seven of them were said to be critical.
The latest discovery came to the fore after the alleged hacking of Amazon founder and CEO Jeff Bezos' phone due to flaw in WhatsApp. The incident questioned the credibility of the messaging app that boasts end-to-end encryption. However, this wasn't the first time the Facebook-backed messaging app came under the scanner, it was earlier accused of alleged snooping human rights activists and journalists in India through spyware, Pegasus.
As per the National Vulnerability Database, out of 12 vulnerabilities that WhatsApp disclosed in 2019, seven were marked critical. Among the list of vulnerabilities disclosed by the social media app, the CVE-2019-3568 bug was marked the most dangerous as it allowed hackers to execute malicious codes on smartphones. Another critical flaw, the CVE-2019-11933 that primarily affected WhatsApp for Android allowed hackers to cause a denial of service.
Another bug was reported that could have allowed hackers to crash WhatsApp by sending a malicious message on a group which could result in WhatsApp becoming completely unusable for the affected person.
In 2019, it was reported that one of WhatsApp's vulnerability allowed hackers to install Spywares on devices. However, Whatsapp alleged that the Israeli company was behind the cyber-attacks that infected smartphones in May and April.
The Israeli company that develops software to hack into phones strongly condemned the allegations. Over 1400 people were targeted using the Pegasus spyware, among which 121 users were Indian journalists, human rights activists and political figures.
"Indian journalists and human rights activists have been the target of surveillance and while I cannot reveal their identities and the exact number, I can say that it is not an insignificant number," a WhatsApp spokesperson had said in a statement.
WhatsApp had claimed to fix the vulnerability that hackers were exploiting. They encouraged users to update to the latest version of the app as that ensures end-to-end encryption and cannot be accessed by the third party.
Post the gaffe, the Indian government had warned the Facebook-owned messaging app to strengthen its security as breaches like that would not be tolerated in the future.
WhatsApp is currently the most used messaging app with over 450 million users in India.